On 20 Jun 1997 [EMAIL PROTECTED] wrote: > [Paul Sutton] > | - Decide how the backend can write to the config files and signal the > | server (does this have to be a separate server with setuid scripts - > | yuck - or can we get something like a Unix-socket interface to > | Apache?) > > the only thing you need to be root in order to do is to kick (SIGHUP) > the server in order to restart it. that can be accomplished in a few > lines of C code. you may want to add some security stuff to it (like > how often we can kick the server and who gets to kick it).
The admin server also needs to write to the configuration files, which will probably be owned by a different user that the one that the main server runs as. In terms of who gets access to the admin functions, that I guess can simply be setup by a command line initial install program where you select one (or both) of a IP restriction and/or a username/password restriction. That isn't a big issue. More important is that we don't want the back-end programs to allow other local users to be able to either change to being another user or do things to the main server (like HUPing it). I am assuming the interface will be based on a standard browser here to allow for full adminstration from any networked system. This is the great advantage of the web over older applications. It would be a big step backwards to use an admin tool that is OS specific and does not use a browser as its transport. //pcs
